There's an important detail which, for me at least, is surprising. From the paper:

"In this paper, we report that on the Android system (and likely other OSes), a weaker form of GUI confidentiality can be breached in the form of UI state (not the pixels) by a background app without requiring any permissions."

No permissions required, OUCH. The permission system was already considered useless, because all apps abuse permissions, but this really puts a nail in its coffin.

You download a simple Wallpaper app, or whatever, that requires no permissions to check your call data and other bullshit. What harm can it do, right? WRONG. If the flaw is in the window manager implementation, I wonder if this will be even fixed! And other OSes might be vulnerable.

Isn't this a trend with all app stores now? There's little incentive for any developer to create something only to have it cloned the next day, and have your original app downvoted by the army of the "competition", e.g., http://www.reddit.com/r/gamede.... I'm starting to think there are more "rogue" apps than legit ones.

Many apps use Adware anyway, which is just a backdoor waiting to happen. Do you trust the developer not to sell you to the highest bidder? The information you hold might be more valuable than you think.

Personally, I forgot about the "Smart" in "Smartphone" for a while now. It's not worth the trouble I'll be in, if I get attacked successfully. I know someone who used an online bank app, and had her account hacked into, because she installed an app from an untrusted source. I'm sure you guys know many cases like this. In my view, any app store is an untrusted source nowadays:)

You speak alot about code rejuvenation and bringing old code to new standards. As you are working on C++14, many compilers do not fully support C++11 yet. In the past, it was even worse. Don't you think that this lack of feature support from compilers is a major problem and the biggest obstacle to code rejuvenation?